castle · bartes · Dec 26, 2018 · Dec 26, 2018 · Dec 26, 2018
diff --git a/lib/castle/middleware/event_mapper.rb b/lib/castle/middleware/event_mapper.rb
@@ -75,15 +75,15 @@ def self.match?(mapping, conditions)
           match_prop?(mapping.redirect_url, redirect_url) &&
           match_prop?(mapping.path, path) &&
           (mapping.authenticate == auth) &&
-          (mapping.referer.nil? || referer.include?(mapping.referer))
+          match_prop?(mapping.referer, referer)
       end
 
-      def self.match_prop?(prop_value, condition)
-        return true if condition.nil? || prop_value.nil?
+      def self.match_prop?(prop_value, current)
+        return true if current.nil? || prop_value.nil?
 
-        prop_value = prop_value.to_s unless prop_value.is_a?(Regexp)
+        prop_value = /^#{prop_value}$/ unless prop_value.is_a?(Regexp)
 
-        !prop_value.match(condition).nil?
+        !prop_value.match(current).nil?
       end
     end
   end

diff --git a/lib/castle/middleware/identification.rb b/lib/castle/middleware/identification.rb
@@ -14,12 +14,16 @@ def traits(resource, config)
           return {} if resource.nil?
 
           result = config.each_with_object({}) do |(name, value), acc|
-            next if name.to_sym === :registered_at
+            next if name.to_sym == :registered_at
 
             acc[name.to_sym] = resource.public_send(value)
           end
-          result[:registered_at] = Time.parse(resource.public_send(config.fetch('registered_at')).to_s).utc.iso8601(0)
-          result
+
+          result.tap do |r|
+            r[:registered_at] = Time.parse(
+              resource.public_send(config.fetch('registered_at')).to_s
+            ).utc.iso8601(0)
+          end
         end
       end
     end

diff --git a/spec/castle/middleware/event_mapper_spec.rb b/spec/castle/middleware/event_mapper_spec.rb
@@ -28,6 +28,8 @@
     }
   end
 
+  let(:broken_path) { "signup/DirMHlj0'))" }
+
   describe '::build' do
     subject(:builder) { described_class.build(config) }
 
@@ -62,23 +64,60 @@
 
       it { is_expected.to be_nil }
     end
+
+    context 'when wrong non utf path is used' do
+      let(:conditions) do
+        { status: '302', path: broken_path, method: 'POST', authenticate: false }
+      end
+
+      it { is_expected.to be_nil }
+    end
+
+    context 'when referer is used' do
+      let(:referer) { '/test' }
+
+      before { valid_config['$login.failed']['referer'] = referer }
+
+      context 'when wrong non utf referer is used' do
+        let(:conditions) do
+          {
+            status: '302', referer: broken_path,
+            path: '/sign_in', method: 'POST', authenticate: false
+          }
+        end
+
+        it { is_expected.to be_nil }
+      end
+
+      context 'when correct referer is used' do
+        let(:conditions) do
+          { status: '302', referer: referer, path: '/sign_in', method: 'POST', authenticate: false }
+        end
+
+        it { is_expected.to be_an_instance_of(described_class::Mapping) }
+      end
+    end
   end
 
   describe '#find with regex path in config' do
     subject { described_class.build(regex_config).find(conditions).first }
 
     let(:regex_config) do
-      { '$login.failed' => { status: '400', path: /\/users\/\d+$/, method: 'POST' } }
+      { '$login.failed' => { status: '400', path: %r{/users/\d+$}, method: 'POST' } }
     end
 
     context 'and with matching conditions' do
-      let(:conditions) { { status: '400', path: '/users/1234', method: 'POST', authenticate: false } }
+      let(:conditions) do
+        { status: '400', path: '/users/1234', method: 'POST', authenticate: false }
+      end
 
       it { is_expected.to be_an_instance_of(described_class::Mapping) }
     end
 
     context 'and without matching conditions' do
-      let(:conditions) { { status: '400', path: '/users/1234/account', method: 'POST', authenticate: false } }
+      let(:conditions) do
+        { status: '400', path: '/users/1234/account', method: 'POST', authenticate: false }
+      end
 
       it { is_expected.to be_nil }
     end
@@ -92,6 +131,7 @@
 
       it { is_expected.to be_an_instance_of(described_class::Mapping) }
     end
+
     context 'when matching second item' do
       let(:conditions) { { status: '400', path: '/login', method: 'POST', authenticate: false } }
 

diff --git a/spec/castle/middleware/sensor_spec.rb b/spec/castle/middleware/sensor_spec.rb
@@ -50,7 +50,7 @@ def xhr?
     end
 
     allow(::Castle::Middleware.instance.configuration.services).to receive(:provide_user) { lambda { |_r, _s| user } }
-    allow(::Castle::Middleware.instance.configuration).to receive(:api_secret) { 'secret' }
+    allow(::Castle::Middleware.instance.configuration).to receive(:api_secret).and_return('secret')
     allow(app).to receive(:call).and_return(response)
   end
 
@@ -87,7 +87,7 @@ def xhr?
       let(:body) { [''] }
       let(:user) { nil }
 
-      it { is_expected.to_not inject_the_script }
+      it { is_expected.not_to inject_the_script }
     end
 
     context 'when user_id is set' do

diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -9,7 +9,7 @@
 require 'castle/middleware'
 
 RSpec.configure do |config|
-  config.before(:each) do
+  config.before do
     ::Castle::Middleware.configure do |c|
       c.api_secret = 'secret'
       c.app_id = '1234'